<?php session_start();
$host = $_SERVER['HTTP_HOST'];
if ($_SERVER['SERVER_NAME'] == 'localhost'){$uri="/kalender";}else{$uri="";}
if (!isset($_SESSION['id_user']) || $_SESSION['id_user']=='') {
	echo "<script language=Javascript> location.href='http://$host$uri/index.php'; </script>";	
}else{
		
	if (!is_object($bd)){	
		//me conecto a la base de datos
		require("../globals/Db.class.php");
		require("../globals/Conf.class.php");
		$bd=Db::getInstance();	
	}	
	if (!is_object($util)){	
		include("../globals/Util.class.php");
		$util=Util::getInstance();
	}
	

	if (!($util->administrarTiempoSesion())){
		echo "<script language=Javascript> location.href='http://$host$uri/timeout.php'; </script>";
	}else if (!($util->administrarAcceso("facturacion"))){
		echo "<script language=Javascript> location.href='http://$host$uri/sinAcceso.php'; </script>";
	}
				
	$idNC = $bd->san($_POST["idNC"]);
	$desc = $bd->san($_POST["desc"]);
	$valor = $bd->san($_POST["valor"]);
	
	if (is_numeric($valor)){
		try {
			$bd->beginTransaction();
		
				$query = "update notas_credito set descripcion = '$desc', valor = '$valor' where id = $idNC; ";
				$result = $bd->eje($query);			
							
				$id_user = $_SESSION['id_user'];
				$nombre = $bd->san($_POST["rs"]);
				$query = "INSERT INTO logs (usuario_id, accion, fecha) values ($id_user, 'Se ha editado la NC para $nombre', now());";
				$bd->eje($query);	
			
			$bd->commit();
			echo "msg:ok";	
		} catch (Exception $e) {	   
		    $bd->rollback();
		    echo "msg:nok";
		}
	}else{
		 echo "msg:nok";
	}	
	
}
?>